package com.qunar.auth;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import com.qunar.auth.uitls.Action;
import com.qunar.auth.uitls.IDEncryptor;
import com.qunar.auth.uitls.MD5;
import com.qunar.auth.uitls.Pairs;
import com.qunar.auth.uitls.ReadAuthFiles;
import com.qunar.auth.uitls.TimeUtils;
import com.qunar.auth.uitls.URLUtils;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.yarn.conf.YarnConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceAudience.LimitedPrivate({YarnConfiguration.DEFAULT_APPLICATION_TYPE, "MapReduce"})
/* loaded from: input_file:lib/hadoop-yarn-auth-2.2.0.jar:com/qunar/auth/CheckAuth.class */
public class CheckAuth {
    private static final String USER_TO_HADOOP = "/etc/hadoop/usertohadoop.txt";
    private static final String HADOOP_TO_QUEUE = "/etc/hadoop/hadooptoqueue.txt";
    public static final String MONITOR_USER = "hadoop2xmonitor";
    private static final String COOKIE = "654321";
    private static final Logger logger = LoggerFactory.getLogger(CheckAuth.class);
    private static final String currentPath = System.getProperty("user.dir");
    private static Map<String, List<String>> usertohaddoMap = null;
    private static Map<String, List<String>> hadooptoqueueMap = null;
    private static String info = "没有登陆，无权限!";

    public static Pairs<String, Boolean> checkAuth(HttpServletRequest httpServletRequest) {
        String encode;
        boolean z;
        UserAuth auth;
        UserAuth auth2;
        HttpSession session = httpServletRequest.getSession();
        UserAuth userAuth = (UserAuth) session.getAttribute("userAuth");
        String parameter = httpServletRequest.getParameter("username");
        String parameter2 = httpServletRequest.getParameter("cookie");
        String parameter3 = httpServletRequest.getParameter("reload");
        String parameter4 = httpServletRequest.getParameter("key");
        if (parameter3 != null && parameter3.equals("reload")) {
            logger.info("重新加载用户授权文件!");
            fillMaps();
        }
        if (userAuth == null && parameter2 != null && parameter != null) {
            if (!parameter2.equals(COOKIE)) {
                Pairs<String, Boolean> checkCookie = checkCookie(parameter2);
                if (checkCookie != null) {
                    return checkCookie;
                }
                Pairs<String, Boolean> checkKey = checkKey(parameter4, parameter);
                if (checkKey != null) {
                    return checkKey;
                }
            }
            if (parameter.equals(MONITOR_USER) && parameter2.equals(COOKIE)) {
                auth2 = new UserAuth(parameter, null);
                session.setAttribute("userAuth", auth2);
                logger.info("monitor is working!!");
            } else {
                auth2 = getAuth(parameter, session);
            }
            if (auth2 == null) {
                encode = info;
                z = false;
            } else {
                encode = "Logged in as: " + parameter;
                z = true;
            }
        } else if (userAuth != null) {
            String username = userAuth.getUsername();
            if (username.equals(MONITOR_USER)) {
                auth = new UserAuth(username, null);
                session.setAttribute("userAuth", auth);
                logger.info("monitor is working!!");
            } else {
                auth = getAuth(username, session);
            }
            if (auth == null) {
                encode = info;
                z = false;
            } else {
                encode = "Logged in as: " + username;
                z = true;
            }
        } else {
            encode = URLUtils.encode("请登录!");
            z = false;
        }
        Global.setContext(session);
        return new Pairs<>(encode, Boolean.valueOf(z));
    }

    private static UserAuth getAuth(String str, HttpSession httpSession) {
        if (str == null) {
            logger.error("请输入用户名或密码!");
            info = URLUtils.encode("请输入用户名或密码!");
            return null;
        }
        if (usertohaddoMap == null || hadooptoqueueMap == null) {
            logger.error("授权文件不存在!");
            info = URLUtils.encode("服务器内部错误，请RTX联系yangping.wu");
            return null;
        }
        printMap(usertohaddoMap);
        printMap(hadooptoqueueMap);
        ArrayList<String> newArrayList = Lists.newArrayList();
        for (Map.Entry<String, List<String>> entry : usertohaddoMap.entrySet()) {
            if (entry.getValue().contains(str)) {
                newArrayList.add(entry.getKey());
            }
        }
        HashMap newHashMap = Maps.newHashMap();
        for (String str2 : newArrayList) {
            Set<Map.Entry<String, List<String>>> entrySet = hadooptoqueueMap.entrySet();
            HashSet newHashSet = Sets.newHashSet();
            for (Map.Entry<String, List<String>> entry2 : entrySet) {
                if (entry2.getValue().contains(str2)) {
                    newHashSet.add(entry2.getKey());
                }
            }
            newHashMap.put(str2, newHashSet);
        }
        UserAuth userAuth = null;
        if (newArrayList.size() != 0 && newHashMap.size() != 0) {
            userAuth = new UserAuth(str, newHashMap);
            httpSession.setAttribute("userAuth", userAuth);
            logger.info("userAuth \t " + userAuth);
        }
        if (userAuth != null) {
            logger.info(str + "登录成功!");
            return userAuth;
        }
        httpSession.setAttribute("userAuth", userAuth);
        logger.warn("不存在" + str + "用户");
        info = URLUtils.encode("不存在" + str + "用户");
        return null;
    }

    private static void printMap(Map<String, List<String>> map) {
        logger.info("############################################");
        for (Map.Entry<String, List<String>> entry : map.entrySet()) {
            logger.info(entry.getKey() + "\t" + entry.getValue());
        }
        logger.info("############################################");
    }

    private static void fillMaps() {
        usertohaddoMap = ReadAuthFiles.fillMap(currentPath + USER_TO_HADOOP);
        hadooptoqueueMap = ReadAuthFiles.fillMap(currentPath + HADOOP_TO_QUEUE);
    }

    private static Pairs<String, Boolean> checkCookie(String str) {
        try {
            int decrypt = new IDEncryptor().decrypt(str);
            String time = TimeUtils.getTime(String.valueOf(decrypt), Action.ADD);
            if (time == null) {
                logger.error("cookie数据错误!");
                return new Pairs<>(URLUtils.encode("cookie数据错误!"), false);
            }
            String nowTime = TimeUtils.getNowTime();
            if (String.valueOf(decrypt).equals(nowTime) || time.equals(nowTime)) {
                return null;
            }
            logger.error("cookie已经失效了!");
            return new Pairs<>(URLUtils.encode("cookie已经失效了!"), false);
        } catch (Exception e) {
            logger.error("解码出错!" + e.getMessage());
            return new Pairs<>(URLUtils.encode("系统问题，请联系yangping.wu!"), false);
        }
    }

    private static Pairs<String, Boolean> checkKey(String str, String str2) {
        if (Strings.isNullOrEmpty(str)) {
            logger.error("key为空!");
            return new Pairs<>(URLUtils.encode("key为空!"), false);
        }
        String MD5 = MD5.MD5(str2, TimeUtils.getNowTime());
        String MD52 = MD5.MD5(str2, TimeUtils.getTime(TimeUtils.getNowTime(), Action.MINUS));
        if (MD5.equals(str) || MD52.equals(str) || MD5.ERROR_KEY.equals(MD5) || MD5.ERROR_KEY.equals(MD52)) {
            return null;
        }
        logger.error("key已经失效了!");
        return new Pairs<>(URLUtils.encode("key已经失效了!"), false);
    }

    static {
        fillMaps();
    }
}
